ISO/IEC 27001 Lead Implementer

From Wikipedia, the free encyclopedia

ISO/IEC 27001 Lead Implementer is a professional certification for professionals specializing in information security management systems (ISMS) based on the ISO/IEC 27001 standard. This professional certification is intended for information security professionals wanting to understand the steps required to implement the ISO/IEC 27001 standard (as opposed to the ISO/IEC 27001 Lead Auditor certification which is intended for an auditor wanting to audit and certify a system to the ISO/IEC 27001 standard).

This certification is provided by numerous organizations, and several of these organisations provide training courses to prepare the professionals. Some personnel certification bodies offer ISO/IEC 27001 Lead Implementer training courses such as BEHAVIOUR,[1] and IRCA. Attending the course and passing the exam is not sufficient for an individual to use the credentials of Lead Implementer as professional and implementation experience is required. The specific requirements to obtain a certificate stating the qualification of "ISO/IEC 27001 Lead Implementer" vary depending on the organisation issuing the certificate. Usually, all these programs are accredited or are in compliance with the ISO/IEC 17024 standard.

The course usually consists of around forty hours (four days) of training and a final exam on the fifth day, or with a limited time for scheduling. This certification is different from the ISO/IEC 27001 Lead Auditor certification which is targeted for information security professionals who want to audit the ISO/IEC 27001 standard rather than implement it. Most of the five-day ISO/IEC 27001 Lead Implementer courses require some prerequisite knowledge of ISO/IEC 27001 but the content of the courses may vary, depending on the certification program and/or certification body.

The professionals that hold the ISO/IEC 27001 Lead Implementer certification, have the required knowledge and expertise to conduct and lead ISO/IEC 27001 internal and external ISMS implementation projects, either, as supporting his/her organisation in the implementation of an ISMS or, as part of de deliver of information security consultancy services with the goal of supporting organisations in the implementation of an ISO/IEC 27001 ISMS and advancing for certification.

The main benefit from achieving the ISO/IEC 27001 Lead Implementer certification is the recognition that the individual has the required skills in information security, the ISO/IEC 27001 standard, and the implementation best practices to ensure compliance with the ISO/IEC 27001 ISMS requirements.

The main ISO/IEC 27001 implementer certifications normally follow these designations:

  • Provisional ISMS Implementer or Associate ISMS Implementer
  • ISMS Implementer
  • Lead ISMS Implementer


Other information security certifications[edit]

External links[edit]